One or more aspects relate, in general, to cryptography service for data communication, and, in particular, to additional cryptography service for conventional cryptography service functionality of mainframe computer systems.
Multi-level security (MLS) systems that are used in high-assurance environments as for financial transactions require privilege separation, reliable tracking of origins and purpose of cryptographic keys and data. Cryptography services provided in conventional mainframe computer systems lack the capability to tag information as required in MLS systems. Thus to implement MLS systems, cryptography service provider (CSP) need to associate types with inputs to the CSP prior to enforce type-based rules for MLS systems.